new security issue was found and fixed http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2574
QA Contact: (none) => securityComponent: RPM Packages => Security
https://mariadb.com/kb/en/mariadb-10322-release-notes/
Summary: new security issues in MariaDB => mariadb new security issues (fixed in 10.3.22)
Updated MariaDB packages fix security vulnerabilities: Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. [1] In addtion a new pam subpackge is provided which adds prebuilt pam_user_map [2]. All release notes can be found here [3] References: [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2574 [2] https://mariadb.com/kb/en/authentication-plugin-pam/ [3] https://mariadb.com/kb/en/mariadb-10322-release-notes/ ======================== Updated packages in core/updates_testing: ======================== mariadb-10.3.22-1.mga7 mysql-MariaDB-10.3.22-1.mga7 mariadb-feedback-10.3.22-1.mga7 mariadb-connect-10.3.22-1.mga7 mariadb-sphinx-10.3.22-1.mga7 mariadb-mroonga-10.3.22-1.mga7 mariadb-sequence-10.3.22-1.mga7 mariadb-spider-10.3.22-1.mga7 mariadb-extra-10.3.22-1.mga7 mariadb-obsolete-10.3.22-1.mga7 mariadb-core-10.3.22-1.mga7 mariadb-common-core-10.3.22-1.mga7 mariadb-common-10.3.22-1.mga7 mariadb-client-10.3.22-1.mga7 mariadb-bench-10.3.22-1.mga7 mariadb-pam-10.3.22-1.mga7 libmariadb3-10.3.22-1.mga7 libmariadb-devel-10.3.22-1.mga7 libmariadbd19-10.3.22-1.mga7 libmariadb-embedded-devel-10.3.22-1.mga7 mariadb-debugsource-10.3.22-1.mga7 mariadb-debuginfo-10.3.22-1.mga7 mariadb-feedback-debuginfo-10.3.22-1.mga7 mariadb-connect-debuginfo-10.3.22-1.mga7 mariadb-sphinx-debuginfo-10.3.22-1.mga7 mariadb-mroonga-debuginfo-10.3.22-1.mga7 mariadb-sequence-debuginfo-10.3.22-1.mga7 mariadb-spider-debuginfo-10.3.22-1.mga7 mariadb-extra-debuginfo-10.3.22-1.mga7 mariadb-obsolete-debuginfo-10.3.22-1.mga7 mariadb-core-debuginfo-10.3.22-1.mga7 mariadb-common-debuginfo-10.3.22-1.mga7 mariadb-client-debuginfo-10.3.22-1.mga7 mariadb-bench-debuginfo-10.3.22-1.mga7 mariadb-pam-debuginfo-10.3.22-1.mga7 libmariadb3-debuginfo-10.3.22-1.mga7 libmariadbd19-debuginfo-10.3.22-1.mga7 libmariadb-embedded-devel-debuginfo-10.3.22-1.mga7 Source RPMs: mariadb-10.3.22-1.mga7.src.rpm
Assignee: mageia => qa-bugs
MGA7-64 Plasma on Lenovo B50 No installation issues, leaving out all evvel and debug packages. This was an update on an existin installation, used phpmyadmin to test. Recognized previous databases, created in an otherwise empty database a new table with a primary key on kol1 and a unique index and kol2. All is OK.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA7-64-OK
Validating. Advisory in Comment 2.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
Keywords: (none) => advisoryCC: (none) => tmb
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0072.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED